Table of Contents
Before we begin, let’s talk about what Let’s Encrypt is?
Let’s Encrypt is a free, automated, and open certificate authority (CA) run for the public’s benefit.
It is a service provided by the Internet Security Research Group (ISRG).
We give people the digital certificates they need in order to enable HTTPS (SSL/TLS) for websites, for free, in the most user-friendly way we can.
(About Let’s Encrypt, n.d.)
We do this because we want to create a more secure and privacy-respecting Web.
Let’s Encrypt Wildcard
What is the difference between Standard SSL and Wildcard SSL?
The Wildcard SSL is different from the standard SSL because it secures the traffic not only for your primary domain name, but for all of its subdomains as well (e.g. sub.domain.com). This is particularly useful for websites with different sections divided by subdomains (like online stores, websites with message boards, chats, etc). With a standard SSL you need to install a separate domain certificate for each subdomain, and with Wildcard you can secure them with a single certificate. This makes setting up and maintaining a website with multiple subdomains much easier.
(Monika Dimitrova, 2018)
Let’s Encrypt Wildcard
Why do we need to enable HTTPS (SSL/TLS) on the website?
Hypertext Transfer Protocol Security (HTTPS) is an extension of Hypertext Transfer Protocol (HTTP).
It is used for secure communication through computer networks and is widely used on the Internet.
In HTTPS, the communication protocol uses Transport Layer Security (TLS) or its predecessor, Secure Sockets Layer (SSL), for encryption.
The main motivation of HTTPS is to verify the identity of visiting websites and to protect the privacy and integrity of data exchanged during transmission.
It can prevent man-in-the-middle attacks.
The two-way encryption of the communication between the client and the server prevents the transmission from being eavesdropped and tampered with.
Why do we need Let’s Encrypt?
The authentication aspect of HTTPS requires a trusted third party to sign server-side digital certificates, which historically was expensive.
Thus the complete authenticated HTTPS connections were more commonly found only on secure payment transaction services and other secured corporate information systems on the World Wide Web.
In 2016 a non-profit organization, Let’s Encrypt, began to offer free server certificates to all, and a campaign by the Electronic Frontier Foundation and support of web browser developers led to the protocol becoming more prevalent.
HTTPS is now used more often by web users than the original non-secure HTTP, primarily to protect page authenticity on all types of websites, secure accounts, and keep user communications, identity, and web browsing private.
Let’s Encrypt will make switching from HTTP to HTTPS “as easy as issuing one command, or clicking one button.”
The majority of web hosts and cloud providers now leverage Let’s Encrypt, providing free certificates to their customers.
How to install Let’s Encrypt Wildcard SSL/TLS Certificates by SiteGround:
There are two ways to find Let’s Encrypt, which collaborate with SiteGround.
( Why do I recommend SiteGround to host WordPress?
The first way: Marketplace -> Hosting Services
Scroll down, and you will see: Additional Services -> SSL.
The only difference between Let’s Encrypt SSL and Let’s Encrypt Wildcard SSL is Multiple Subdomains.
It is recommended to apply for Let’s Wildcard Encrypt so that it is more convenient to open a subdomain in the future so that this process will not be rerun.
But if you don’t mind spending time in the future, you can choose Let’s Encrypt SSL.
If there are many domains under your SiteGround account, it will be displayed together for you to choose from.
But there is only one domain under my account, so I only see one.
After pressing Activate
It took me to this page:
There is another way to enter this page.
But will skip Let’s Encrypt’s certificate comparison form.
So for the first time, I recommend you take the first way, through the more formal process, and look at the form.
If you just want an SSL certificate for a subdomain (or only applied for “Let’s Encrypt SSL” for the main domain in the past), or deal with SSL again for a new domain…
Let’s Encrypt Wildcard
Use the second way: Websites -> Websites ->Site Tools.
In general, you will come here: Security -> SSL Manager -> Select SSL
Check if the domain name is the one you want to apply for a certificate.
Just under a minute.
Without an SSL certificate, your website will be shown:
Everyone who visits will be scared away.
With a certificate, your site looks much more secure.
Q&A
Q: After installing the certificate, why my website still use HTTP connection?
That’s because you didn’t come here to enable HTTPS.
Security-> HTTPS Enforce.
“Use this tool to enforce your website to work over an encrypted and secure HTTPS connection.
The HTTPS redirect is performed on a server level and works for any website with active SSL.”
After that, no matter how you enter your URL in the address bar
e.g.
exampledomain.com
http://exampledomain.com
Will lead to only result:
https://exampledomain.com
References:
- Monika Dimitrova. (2018, March 29). Free Let’s Encrypt Wildcard SSL. Siteground.com. https://www.siteground.com/blog/free-lets-encrypt-wildcard-ssl/
